StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>Since all users use the same OS login account, it is impossible to use OS's facilities to enforce access control, since the OS recognizes everyone as one person. I can only think of one (not-so-good, or quite bad actually) solution that doesn't require another computer: encrypt the files with each of the user's password. However, this means that all the files have to be re-encrypted every time the user changes password, which introduces unacceptable delays and uses a lot of computational power.</p> <p>There are plenty of other methods to hide the information from the user and only allow access from your program. Hiding can prevent most mediocre users from accessing data, but determined people with programming skill will be able to make the data accessible. A simple example is to xor all the bytes in the program, and/or permute the bytes with a number of fixed pattern. If the data is not that critical, this is a possible "solution".</p> <p>I am not sure if there are any other method without requiring another computer.</p> <p>So that leaves only the option of storing the information on a separated computer. I think it is possible, but I don't know the details here.</p> <hr> <p>Then there is this problem: user A opens a file from his app account, work with it, then he logs out of the app account, and logs out of common OS account, then user B logs into the common OS account. You have to make sure that after user A logs out of app account, user B cannot see the file user A was working on.</p> <p>I am not sure if this should be taken care of the app or not.</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload